Difference between revisions of "Template:Networking rut configuration example l2tp over ipsec work use case RutOS"
(Created page with "<table class="nd-othertables_2"> <tr> <th width=325; style="border-bottom: 1px solid white;></th> <th width=820; style="border-bottom: 1px solid white;" ro...") |
|||
Line 3: | Line 3: | ||
<th width=325; style="border-bottom: 1px solid white;></th> | <th width=325; style="border-bottom: 1px solid white;></th> | ||
<th width=820; style="border-bottom: 1px solid white;" rowspan=2;> | <th width=820; style="border-bottom: 1px solid white;" rowspan=2;> | ||
− | [[File: | + | [[File:Networking_RUTX_VPN_between_HQ_topology_v4.png|border|class=tlt-border|750px|right]]</th> |
</tr> | </tr> | ||
<tr> | <tr> | ||
Line 17: | Line 17: | ||
'''Prerequisites''': | '''Prerequisites''': | ||
− | * One | + | * One RUTX router of any type |
* A Public Static or Public Dynamic IP addresses | * A Public Static or Public Dynamic IP addresses | ||
* At least one end device with Windows 10 | * At least one end device with Windows 10 | ||
<br> | <br> | ||
− | The topology above depicts the L2TP/IPsec scheme. - The router with the Public IP address (''''' | + | The topology above depicts the L2TP/IPsec scheme. - The router with the Public IP address ('''''RUTX11''''') acts as the '''L2TP/IPsec server''' and the '''Windows 10 device''' acts as '''client'''. L2TP connects the networks of '''RUTX11''' and '''Windows 10 client''', IPsec provides the encryption for the L2TP tunnel. Only LAN traffic is going to go through that tunnel, any other WAN traffic won't go through it. This way the VPN tunnel will not be under a huge load and will provide greater speeds. |
When the scheme is realized, home workers will be able to reach corporation’s internal network with all internal systems, allowing working from home to be possible. | When the scheme is realized, home workers will be able to reach corporation’s internal network with all internal systems, allowing working from home to be possible. | ||
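Review bot: the rewritten paragraph still carries a stray "- " after its first sentence ("scheme. - The router"), and it names RUTX11 while the prerequisite changed in this same hunk now reads "One RUTX router of any type". Suggest dropping the dash and either presenting RUTX11 as the example device or writing "RUTX router" throughout. The claim "Only LAN traffic is going to go through that tunnel" holds only once the client disables "Use default gateway on remote network", so it is worth pointing to that step here.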
Line 31: | Line 31: | ||
<table class="nd-othertables_2"> | <table class="nd-othertables_2"> | ||
<tr> | <tr> | ||
− | <th width= | + | <th width=355; style="border-bottom: 1px solid white;></th> |
− | <th width= | + | <th width=790; style="border-bottom: 1px solid white;" rowspan=2> [[File:Networking_rutx_configuration_examples_l2tp_over_ipsec_windows_10_1_v1.png|770px|right]]</th> |
</tr> | </tr> | ||
<tr> | <tr> | ||
− | <td style="border-bottom: 1px solid white> | + | <td style="border-bottom: 1px solid white;> |
Login to the router's WebUI and navigate to the '''Services → VPN → L2TP''' page and do the following: | Login to the router's WebUI and navigate to the '''Services → VPN → L2TP''' page and do the following: | ||
<ol> | <ol> | ||
<li>Select '''Role: Server'''.</li> | <li>Select '''Role: Server'''.</li> | ||
<li>Enter a '''custom configuration name'''.</li> | <li>Enter a '''custom configuration name'''.</li> | ||
− | <li>Click the '''Add | + | <li>Click the '''Add''' button.</li> |
<li>Click the '''Edit''' button next to the newly created L2TP instance.</li> | <li>Click the '''Edit''' button next to the newly created L2TP instance.</li> | ||
</ol> | </ol> | ||
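Review bot: the style attributes on the added `<th width=355; ...>` line and on the changed `<td>` line are still unterminated: `style="border-bottom: 1px solid white;>` has no closing quote before `>`. The edit added the semicolon to the `<td>` but not the quote. Suggest closing both the way the second added `<th>` does, `style="border-bottom: 1px solid white;"`, so the attribute cannot swallow the markup that follows it.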
Line 51: | Line 51: | ||
<table class="nd-othertables_2"> | <table class="nd-othertables_2"> | ||
<tr> | <tr> | ||
− | <th width= | + | <th width=355; style="border-bottom: 1px solid white;></th> |
− | <th width= | + | <th width=790; style="border-bottom: 1px solid white;" rowspan=2>[[File:Networking_rutx_configuration_examples_l2tp_over_ipsec_windows_10_2_v1.png|770px|right]]</th> |
</tr> | </tr> | ||
<tr> | <tr> | ||
Line 71: | Line 71: | ||
<table class="nd-othertables_2"> | <table class="nd-othertables_2"> | ||
<tr> | <tr> | ||
− | <th width= | + | <th width=355; style="border-bottom: 1px solid white;></th> |
− | <th width= | + | <th width=790; style="border-bottom: 1px solid white;" rowspan=2>[[File:Networking_rutx_configuration_examples_l2tp_over_ipsec_windows_10_3_v1.png|770px|right]]</th> |
</tr> | </tr> | ||
<tr> | <tr> | ||
Line 90: | Line 90: | ||
<table class="nd-othertables_2"> | <table class="nd-othertables_2"> | ||
<tr> | <tr> | ||
− | <th width= | + | <th width=355; style="border-bottom: 1px solid white;></th> |
− | <th width= | + | <th width=790; style="border-bottom: 1px solid white;" rowspan=2>[[File:Networking_rutx_configuration_examples_l2tp_over_ipsec_windows_10_4_v1.png|770px|right]]</th> |
</tr> | </tr> | ||
<tr> | <tr> | ||
Line 98: | Line 98: | ||
<ol> | <ol> | ||
<li>'''Enable''' the instance.</li> | <li>'''Enable''' the instance.</li> | ||
− | + | <li>Enter your '''Pre-shared key'''.</li> | |
− | + | <li>Select '''Type: Transport'''.</li> | |
− | + | <li>'''Save''' changes.</li> | |
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
</ol> | </ol> | ||
</td> | </td> | ||
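Review bot: the added step "Enter your Pre-shared key" gives no guidance on key quality, although this one key authenticates the IPsec layer for every home worker. Suggest stating that it should be long and randomly generated, and that the same value has to be entered on the Windows client. The removed lines render as empty here, so please also confirm that no previously documented IPsec setting was dropped without a replacement step.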
Line 129: | Line 111: | ||
<tr> | <tr> | ||
<th width=525; style="border-bottom: 1px solid white;"></th> | <th width=525; style="border-bottom: 1px solid white;"></th> | ||
− | <th width=620; style="border-bottom: 1px solid white;" rowspan=2>[[File: | + | <th width=620; style="border-bottom: 1px solid white;" rowspan=2>[[File:Networking_rutxxx_configuration_examples_l2tp_over_ipsec_windows_10_6_v2.png|border|class=tlt-border|550px|right]]</th> |
</tr> | </tr> | ||
<tr> | <tr> | ||
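Review bot: the image name on the added line uses the prefix `Networking_rutxxx_` and the suffix `_v2`, whereas the router-side images added earlier in this revision use `Networking_rutx_` and `_v1`. Please confirm the file exists under this exact name, since a mismatch renders as a red link instead of the screenshot, and consider settling on one prefix for the whole template.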
Line 143: | Line 125: | ||
<tr> | <tr> | ||
<th width=525; style="border-bottom: 1px solid white;"></th> | <th width=525; style="border-bottom: 1px solid white;"></th> | ||
− | <th width=620; style="border-bottom: 1px solid white;" rowspan=2>[[File: | + | <th width=620; style="border-bottom: 1px solid white;" rowspan=2>[[File:Networking_rutxxx_configuration_examples_l2tp_over_ipsec_windows_10_7_v2.png|border|class=tlt-border|550px|right]]</th> |
</tr> | </tr> | ||
<tr> | <tr> | ||
Line 157: | Line 139: | ||
<tr> | <tr> | ||
<th width=525; style="border-bottom: 1px solid white;"></th> | <th width=525; style="border-bottom: 1px solid white;"></th> | ||
− | <th width=620; style="border-bottom: 1px solid white;" rowspan=2>[[File: | + | <th width=620; style="border-bottom: 1px solid white;" rowspan=2>[[File:Networking_rutxxx_configuration_examples_l2tp_over_ipsec_windows_10_8_v2.png|border|class=tlt-border|550px|right]]</th> |
</tr> | </tr> | ||
<tr> | <tr> | ||
Line 181: | Line 163: | ||
<tr> | <tr> | ||
<th width=525; style="border-bottom: 1px solid white;"></th> | <th width=525; style="border-bottom: 1px solid white;"></th> | ||
− | <th width=620; style="border-bottom: 1px solid white;" rowspan=2>[[File: | + | <th width=620; style="border-bottom: 1px solid white;" rowspan=2>[[File:Networking_rutxxx_configuration_examples_l2tp_over_ipsec_windows_10_11_v2.png|border|class=tlt-border|550px|right]]</th> |
</tr> | </tr> | ||
<tr> | <tr> | ||
Line 195: | Line 177: | ||
<tr> | <tr> | ||
<th width=525; style="border-bottom: 1px solid white;"></th> | <th width=525; style="border-bottom: 1px solid white;"></th> | ||
− | <th width=620; style="border-bottom: 1px solid white;" rowspan=2>[[File: | + | <th width=620; style="border-bottom: 1px solid white;" rowspan=2>[[File:Networking_rutxxx_configuration_examples_l2tp_over_ipsec_windows_10_12_v2.png|border|class=tlt-border|550px|right]]</th> |
</tr> | </tr> | ||
<tr> | <tr> | ||
Line 209: | Line 191: | ||
<tr> | <tr> | ||
<th width=525; style="border-bottom: 1px solid white;"></th> | <th width=525; style="border-bottom: 1px solid white;"></th> | ||
− | <th width=620; style="border-bottom: 1px solid white;" rowspan=2>[[File: | + | <th width=620; style="border-bottom: 1px solid white;" rowspan=2>[[File:Networking_rutxxx_configuration_examples_l2tp_over_ipsec_windows_10_13_v2.png|border|class=tlt-border|550px|right]]</th> |
</tr> | </tr> | ||
<tr> | <tr> | ||
Line 223: | Line 205: | ||
<tr> | <tr> | ||
<th width=525; style="border-bottom: 1px solid white;"></th> | <th width=525; style="border-bottom: 1px solid white;"></th> | ||
− | <th width=620; style="border-bottom: 1px solid white;" rowspan=2>[[File: | + | <th width=620; style="border-bottom: 1px solid white;" rowspan=2>[[File:Networking_rutxxx_configuration_examples_l2tp_over_ipsec_windows_10_14_v2.png|border|class=tlt-border|550px|right]]</th> |
</tr> | </tr> | ||
<tr> | <tr> | ||
Line 237: | Line 219: | ||
<tr> | <tr> | ||
<th width=525; style="border-bottom: 1px solid white;"></th> | <th width=525; style="border-bottom: 1px solid white;"></th> | ||
− | <th width=620; style="border-bottom: 1px solid white;" rowspan=2>[[File: | + | <th width=620; style="border-bottom: 1px solid white;" rowspan=2>[[File:Networking_rutxxx_configuration_examples_l2tp_over_ipsec_windows_10_15_v2.png|border|class=tlt-border|550px|right]]</th> |
</tr> | </tr> | ||
<tr> | <tr> | ||
Line 251: | Line 233: | ||
<tr> | <tr> | ||
<th width=525; style="border-bottom: 1px solid white;"></th> | <th width=525; style="border-bottom: 1px solid white;"></th> | ||
− | <th width=620; style="border-bottom: 1px solid white;" rowspan=2>[[File: | + | <th width=620; style="border-bottom: 1px solid white;" rowspan=2>[[File:Networking_rutxxx_configuration_examples_l2tp_over_ipsec_windows_10_9_v2.png|border|class=tlt-border|550px|right]]</th> |
</tr> | </tr> | ||
<tr> | <tr> | ||
Line 265: | Line 247: | ||
<tr> | <tr> | ||
<th width=525; style="border-bottom: 1px solid white;></th> | <th width=525; style="border-bottom: 1px solid white;></th> | ||
− | <th width=620; style="border-bottom: 1px solid white;" rowspan=2>[[File: | + | <th width=620; style="border-bottom: 1px solid white;" rowspan=2>[[File:Networking_rutxxx_configuration_examples_l2tp_over_ipsec_windows_10_10_v2.png|border|class=tlt-border|550px|right]]</th> |
</tr> | </tr> | ||
<tr> | <tr> |
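Review bot: the unchanged first `<th>` in this hunk has an unterminated style attribute (`white;></th>`), unlike the same line in the hunks at lines 111 to 233, which close it with `white;"`. It is worth fixing while this table row is being edited.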
Revision as of 10:08, 17 October 2022
Configuration overview and prerequisites
Prerequisites:
- One RUTX router of any type
- A public static or public dynamic IP address
- At least one end device with Windows 10
The topology above depicts the L2TP/IPsec scheme. The router with the public IP address (RUTX11) acts as the L2TP/IPsec server and the Windows 10 device acts as the client. L2TP connects the networks of the RUTX11 and the Windows 10 client; IPsec provides the encryption for the L2TP tunnel. Only LAN traffic goes through the tunnel; any other WAN traffic does not. This way the VPN tunnel will not be under a huge load and will provide greater speeds.
When the scheme is realized, home workers will be able to reach the corporation's internal network and all of its internal systems, making it possible to work from home.
Configuring HQ corporation router
L2TP
Login to the router's WebUI and navigate to the Services → VPN → L2TP page and do the following:
IPsec
Go to the Services → VPN → IPsec page and do the following:
In the IPsec Configuration page, do the following (and leave the rest as defaults, unless your specific configuration requires otherwise):
Home worker’s computer
Type VPN settings in the Windows search bar:
Click the Add a VPN connection button:
Configure the following parameters:
Type Network Connections in the Windows search bar:
Right-click your newly created VPN instance and select Properties:
Navigate to the Networking section and double-click Internet Protocol Version 4 (TCP/IPv4):
Go to Advanced settings:
Now disable Use default gateway on remote network and save settings:
Go back to the VPN settings page, locate your new connection and click the Connect button. If the connection was successful, you should see the word "Connected" appear under the connection name.
Results
The home worker should now be able to access HQ network resources. To verify the connection, ping an internal HQ server; if you get a reply, you have successfully connected to HQ's internal network.
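The Windows 10 client steps above can also be scripted and checked from PowerShell. The following is an added example, not part of the original page or of Teltonika's documentation; the connection name, server address, HQ subnet and test host are placeholders or assumptions and must be replaced with your own values.

```powershell
# Added example. Every value below is a placeholder or assumption, not from the page.
$Name   = 'HQ-L2TP'           # hypothetical connection name
$Server = 'vpn.example.com'   # placeholder for the RUTX public IP or hostname
$HqLan  = '192.168.1.0/24'    # assumption: HQ LAN subnet behind the router
$HqHost = '192.168.1.1'       # assumption: an internal HQ address that answers ping

function New-HqVpnConnection {
    # Read the IPsec pre-shared key without echoing it or storing it in the script.
    $secure = Read-Host -AsSecureString 'IPsec pre-shared key'
    $psk    = [System.Net.NetworkCredential]::new('', $secure).Password

    # -SplitTunneling is the scripted form of disabling
    # "Use default gateway on remote network".
    # -Force skips the confirmation prompt for the supplied PSK.
    # The authentication method is left at the cmdlet default; match it to the server.
    Add-VpnConnection -Name $Name -ServerAddress $Server -TunnelType L2tp `
        -L2tpPsk $psk -EncryptionLevel Required -SplitTunneling -Force

    # With split tunnelling on, route the HQ LAN through the tunnel explicitly.
    Add-VpnConnectionRoute -ConnectionName $Name -DestinationPrefix $HqLan
}

function Test-HqVpnConnection {
    # Run this after connecting from the VPN settings page.
    $conn = Get-VpnConnection -Name $Name

    # A default route on the VPN interface would mean all traffic uses the tunnel.
    $defaultRoute = Get-NetRoute -InterfaceAlias $Name `
        -DestinationPrefix '0.0.0.0/0' -ErrorAction SilentlyContinue

    [pscustomobject]@{
        TunnelType        = $conn.TunnelType
        SplitTunneling    = $conn.SplitTunneling
        Connected         = ($conn.ConnectionStatus -eq 'Connected')
        DefaultRouteOnVpn = [bool]$defaultRoute
        HqReachable       = (Test-NetConnection -ComputerName $HqHost).PingSucceeded
    }
}

New-HqVpnConnection
```

After connecting, `Test-HqVpnConnection` should report `SplitTunneling` and `HqReachable` as True and `DefaultRouteOnVpn` as False; any other combination means the client is either not reaching HQ or is sending all of its traffic through the tunnel.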